ISO 37301:2021 pdf download.Compliance management systems - Requirements with guidance for use
1 Scope
This document specifies requirements and provides guidelines for establishing, developing,implementing, evaluating, maintaining and improving an effective compliance management system within an organization.
This document is applicable to all types of organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector.
All requirements specified in this document that refer to a governing body apply to top management in cases where an organization does not have a governing body as a separate function.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
- ISO Online browsing platform: available at https://www.iso.org/obp
- IEC Electropedia: available at http://www.electropedia.org/
3.1 organization
person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives (3.6)
Note 1 to entry: The concept of organization includes, but is not limited to, sole-trader, company, corporation, firm,enterprise, authority, partnership, charity or institution, or part or combination thereof, whether incorporated or not, public or private.
Note 2 to entry: If the organization is part of a larger entity, the term "organization" refers only to the part of the larger entity that is within the scope of the compliance management system.
3.2 interested party (preferred term)
stakeholder (admitted term)
person or organization (3.1) that can affect, be affected by, or perceive itself to be affected by a decision or activity
3.3 top management
person or group of people who directs and controls an organization (3.1) at the highest level
Note 1 to entry: Top management has the power to delegate authority and provide resources within the organization.
Note 2 to entry: If the scope of the management system (3.4) covers only part of an organization, then top management refers to those who direct and control that part of the organization.
3.4 management system
set of interrelated or interacting elements of an organization (3.1) to establish policies (3.5) and objectives (3.6) as well as processes (3.8) to achieve those objectives
Note 1 to entry: A management system can address a single discipline or several disciplines.
Note 2 to entry: The management system elements include the organization's structure, roles and responsibilities,planning and operation.
3.5 intentions and direction of an organization (3.1), as formally expressed by its top management (3.3)
Note 1 to entry: A policy can also be formally expressed by an organization's governing body (3.2).
3.6 objective
result to be achieved
Note 1 to entry: An objective can be strategic, tactical, or operational.
Note 2 to entry: Objectives can relate to different disciplines (such as finance, health and safety, and environment).They can be, for example, organization-wide, or specific to a project, product, service or process (3.8)).
Note 3 to entry: An objective can be expressed in other ways, e.g. as an intended result, a purpose, an operational criterion, as a compliance (3.7) objective, or by the use of other words with similar meaning (e.g. aim, goal, or target).
Note 4 to entry: In the context of compliance management systems (3.4), compliance objectives are set by the organization (3.1), consistent with the compliance policy (3.5), to achieve specific results.ISO 37301 pdf download.